CompTIA Security+ Exam SYO-601 Questions and Answers 2023.

1 1 CompTIA Security+ Exam SYO -601 Question s and Answers 2023 NO.1 Which of the following statements BEST describes zero -day exploits' (A). When a zero -day exploit is discovered, the system cannot be protected by any means (B). Zero -day exploits have their own scoring category in CVSS (C). A zero -day exploit is initially undetectable and no patch for it exists (D). Discovering zero -day exploits is always performed via bug bounty programs Answer: C NO.2 Which of the following is an example of transference of risk? (A). Purchasing insurance (B). Patching vulnerable servers (C). Retiring outdated applications (D). Application owner risk sign -off Answer: A NO.3 A technician enables full disk encryption on a laptop that will be taken on a business trip. Which of the following does this process BEST protect? (A). Data in transit (B). Data in processing (C). Data at rest (D). Data tokenization Answer: C NO.4 Which of the following would BEST provide detective and corrective controls for thermal regulation? (A). A smoke detector (B). A fire alarm (C). An HVAC system (D). A fire suppression system Guards Answer: C NO.5 Which of the following is the MOST effective control against zero -day vulnerabilities? (A). Network segmentation (B). Patch management (C). Intrusion prevention system (D). Multiple vulnerability scanners Answer: A NO.6 An organization implemented a process that compares the settings currently configured on systems against secure configuration guidelines in order to identify any gaps Which of the following control types has the organization implemented? (A). Compensating (B). Corrective (C). Preventive (D). Detective Answer: C NO.7 A security analyst is investigating suspicious traffic on the web server located at IP address 2 10.10.1.1. A search of the WAF logs reveals the following output: Which of the following is MOST likely occurring? (A). XSS attack (B). SOLi attack (C). Replay attack (D). XSRF attack Answer: B NO.8 An incident has occurred in the production environment. Analyze the command outputs and identify the type of compromise. If at any time you would like to bring back the initial state of the simulation, please click the Reset All button. See the answer below. Explanation Answer as SQL injection Graphical user interface, text Description automatically generated 3 NO.9 Which of the following documents provides expectations at a technical level for quality, availability, and responsibilities? (A). EOL (B). SLA (C). MOU (D). EOSL Answer: B NO.10 Which of the following are common VoIP -associated vulnerabilities? (Select TWO). (A). SPIM (B). Vishing (C). Hopping (D). Phishing (E). Credential harvesting (F). Tailgating Answer: A B NO.11 An administrator needs to protect user passwords and has been advised to hash the passwords. Which of the following BEST describes what the administrator is being advised to do? (A). Perform a mathematical operation on the passwords that will convert them into unique strings (B). Add extra data to the passwords so their length is increased, making them harder to brute force (C). Store all passwords in the system in a rainbow table that has a centralized location (D). Enforce the use of one-time passwords that are changed for every login session. Answer: A NO.12 A new company wants to avoid channel interference when building a WLAN. The company needs to know the radio frequency behavior, identify dead zones, and determine the best place for access points. Which of the following should be done FIRST? (A). Configure heat maps. (B). Utilize captive portals. (C). Conduct a site survey. (D). Install Wi -Fi analyzers. Answer: C